General

  • Target

    eab2bb0ef5b0f3848cc64506655dc4d7_JaffaCakes118

  • Size

    750KB

  • Sample

    240919-ggz8lstdke

  • MD5

    eab2bb0ef5b0f3848cc64506655dc4d7

  • SHA1

    561385996f1739ea6bfaac0a7cbf27698bddfb7f

  • SHA256

    3a913114cba8e4160c18ff483bd15c1906615facd1da1e34335210f56075ef9f

  • SHA512

    dbfb2c04a0884a26470ae09b15c5bda22ad066e0e2f75e33a18e5af501584420050820caf2fc50049eaa54471b6119b1569b9e0bdd33cf7b77e6d1f638f47b90

  • SSDEEP

    12288:4upCHIvNfPVUbPVIAkDYBGRqnRyktfuoBCzWsdPTDPfJ4F3Z4mxxZo3ABt4QCde5:xpKIxAmuBGRWRyktpK1dPTLJ4QmXZQup

Malware Config

Targets

    • Target

      eab2bb0ef5b0f3848cc64506655dc4d7_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks